A Unified Extensible Firmware Interface (UEFI) secure boot (as indicated in UEFI 2.3.1c, Approved June 2012) provides that authenticated variables be created to hold signature lists for authorized and forbidden third-party drivers, (e.g., operating system (OS) loaders), and for access control purposes (e.g., authentication of owner and OS entities). The lists (or databases) can be stored in erasable programmable read only memory and used by a basic input/output system (BIOS) to authenticate loading of BIOS drivers such as OS loader and third-party UEFI input/output (I/O) device drivers for preventing the injection of inauthentic code into the BIOS. Typically, the lists (or databases) are created at BIOS build time in a factory setting, and, at that time, inject a static structure into the BIOS image. During OS runtime, the OS may update the lists to change which drivers the BIOS will allow.